| 1 |
On Wed, 18 Jun 2014 19:23:25 +0000 (UTC), James wrote: |
| 2 |
|
| 3 |
> OK, lets skip any RF backdoors installed by the manufacturer, |
| 4 |
> as those always exist, but are 'out of scope', for now. |
| 5 |
> |
| 6 |
> |
| 7 |
> U see this? |
| 8 |
> |
| 9 |
> http://www.unrest.ca/evaluating-the-security-of-the-yubikey |
| 10 |
|
| 11 |
I hadn't. At first glance it appears to relate to their OTP service, |
| 12 |
which I don't use. I use it with a static password as part of a two |
| 13 |
factor approach, so you would need to get physical access to the key for |
| 14 |
long enough to grab the password and know the other part of the password. |
| 15 |
|
| 16 |
|
| 17 |
-- |
| 18 |
Neil Bothwick |
| 19 |
|
| 20 |
When you go to court you are putting yourself in the hands of 12 people |
| 21 |
that were not smart enough to get out of jury duty. |
Archives